php outputting code rather than executing - php

I am pretty new to php, but have to link a database to html through php as part of uni coursework, so I attempted to implement a register and log in feature to the site we created. As far as I am aware this code should work however whenever I try to run it through the html page it posts the code itself rather than running. This is the case for both the login and registration. What am I doing wrong?
//registration
<?php
define('DB_HOST', 'xxx');
define('DB_NAME', 'xxx');
define('DB_USER','xxx');
define('DB_PASSWORD','xxx');
$con = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db = mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL Database: " . mysql_error());
function NewUser() {
$Name = $_POST['Name'];
$Username = $_POST['Username'];
$Email = $_POST['Email'];
$Password = $_POST['Password'];
$query = "INSERT INTO userDetails (Username,Email,Name,Password) VALUES ('$Username','$Email','$Name','$Password')";
$data = mysql_query($query) or die(mysql_error());
if($data) {
echo "YOUR REGISTRATION IS COMPLETED...";
}
}
function SignUp() {
if(!empty($_POST['Username'])) {
$query = mysql_query("SELECT * FROM userDetails WHERE Username = '$_POST[Username]' AND Password = '$_POST[Password]'") or die(mysql_error());
if(!$row = mysql_fetch_array($query) or die(mysql_error())) {
newuser();
} else {
echo "YOU ARE ALREADY A REGISTERED USER...";
}
}
}
if(isset($_POST['submit'])) {
SignUp();
}

Related

How to create a root login page for mysql in php and html

I am trying to make a root login page for mysql in php and html but while executing the script it is not able to link with the mysql database.I am using mariadb server in ubuntu. here is the php code attached
<?php
define('DB_HOST', 'localhost');
define('DB_NAME', 'Project');
define('DB_USER','root');
define('DB_PASSWORD','123');
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error());
/*
$ID = $_POST['user'];
$Password = $_POST['pass'];
*/
function SignIn()
{
session_start(); //starting the session for user profile page
if(!empty($_POST['user'])) //checking the 'user' name which is from Sign-In.html, is it empty or have some text
{
$query = mysql_query("SELECT * FROM UserName where userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());
$row = mysql_fetch_array($query) or die(mysql_error());
if(!empty($row['userName']) AND !empty($row['pass']))
{
$_SESSION['userName'] = $row['pass'];
echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";
}
else
{
echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
}
}
}
if(isset($_POST['submit']))
{
SignIn();
}
?>

Sql Statement from PHP isnt inserting into Database but doesnt give an error

Thanks to this site i could manage to solve my problems, but my statement isnt going through on my database, but when i copy it and paste it directly to my database, it inserts without any problem. Here my code:
<?php
$ip = "***"; //MySQL Server IP
$user = "***"; //MySQL user
$pw = "***"; //MySQL password
$db = "***"; //Database
$sql_filter = "";
$con = mysqli_connect($ip, $user, $pw, $db);
if (mysqli_connect_errno())
{
echo "Failed to connect to MySQL: " . mysqli_connect_error();
exit();
}
function register()
{
$username = $_POST[username];
$vorname = $_POST[vorname];
$nachname = $_POST[nachname];
$geschlecht = $_POST[geschlecht];
$geburtsdate = $_POST[geburtsdatum];
$password = $_POST[password];
$email = $_POST[email];
if($email!="" and $password!="" and $username!="" and $password==$_POST["password_confirm"])
{
$sql_filter = "INSERT INTO `tblUser`(`UserID`, `UserName`, `Vorname`, `Nachname`, `EMail`, `Geschlecht`,`Password`) VALUES ('','$username','$vorname','$nachname','$email','$geschlecht','$password')";
$_SESSION['filter'] = $sql_filter;
$page_query = mysqli_query($con, $_SESSION['filter']);
$page_nums = mysqli_num_rows($page_query);
//header('Location: index.php');
echo $sql_filter;
echo $_SESSION['filter'];
}
else
{
header('Location: 404.html');
}
}
if(isset($_POST['submit']))
{
register();
}
mysqli_close($con);
?>
I think the problem is your $con is undefined in the function register(). So add this in the beginning of your function :
function register()
{
global $con;
... // the rest of your function
}

I am trying to connect to a db

I am trying to connect to a db but I keep getting an error that pops up every chance I get to change the db or connection string . I am currently using php mysqli and wamp will not show any error with the connection itself .
calc.php:
class Login {
var $con;
function __construct($con){
$this->con = $con;
}
function try_connecting(){
$connecting = true;
if($connecting){
if(!$this->con){
die ("Could not connect") . $this->con->connect_errno;
} else {
echo "connected";
}
} else {
return $connecting;
}
}
function try_login(){
if(try_connecting()){
$q = "SELECT username, password FROM persons WHERE username = " . $_POST["username"] . " AND password = " . $_POST['pwd'];
$rows = $this->con->num_rows;
if($rows == 1){
echo "true";
} else {
echo "not user";
}
}
}
}
Here is the test.php:
<?php
include("calc.php");
$u = $_POST['username'];
$p = $_POST['pwd'];
$con = mysqli_connect("localhost","root","","rdb");
$form = new Login($con);
$form->try_connecting();
$form->try_login();
?>
connection string error Unknown database
You forgot to run this query
$q = "SELECT username, password FROM persons WHERE username = " . $_POST["username"] . " AND password = " . $_POST['pwd'];
$rows = $this->con->num_rows;
Try to add
$this->con->query($q)
between the lines above

Table 'database_name.username' doesn't exist

I try to connect my html login file to phpmyAdmin database name "6470" - table "6470exercises" by this php file.
And the result is "Table '6470.username' doesn't exist". How can i resolve this problem?
Here is my code:
define('DB_HOST', 'localhost');
define('DB_NAME', '6470');
define('DB_USER','root');
define('DB_PASSWORD','');
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL 1: " . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL 2: " . mysql_error());
/*
$ID = $_POST['user'];
$Password = $_POST['pass'];
*/
function SignIn()
{
session_start(); //starting the session for user profile page
if(!empty($_POST['user'])) //checking the 'user' name which is from Sign-In.html, is it empty or have some text
{
$query = mysql_query("SELECT * FROM UserName where userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());
$row = mysql_fetch_array($query) or die(mysql_error());
if(!empty($row['userName']) AND !empty($row['pass']))
{
$_SESSION['userName'] = $row['pass']; echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";
} else {
echo "SORRY... YOU ENTERED WRONG ID OR PASSWORD... PLEASE RETRY...";
}
}
}
if(isset($_POST['submit']))
{
SignIn();
}
Try replacing:
$query = mysql_query("SELECT * FROM UserName where userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());
with:
$query = mysql_query("SELECT * FROM 6470exercises where userName = '{$_POST[user]}' AND pass = '{$_POST[pass]}'") or die(mysql_error());

How do I make it so when I sign-up that account is able to log in to the database

So I am a newbie, to php/mysql and I would likeyou to see some code before I ask
Here is my two tables in by database
websiteusers(for my sign-up page)
CREATE TABLE WebsiteUsers
(
userID int(9) NOT NULL auto_increment,
fullname VARCHAR(50) NOT NULL,
userName VARCHAR(40) NOT NULL,
email VARCHAR(40) NOT NULL,
pass VARCHAR(40) NOT NULL,
PRIMARY KEY(userID)
);
and username (mysql for login page)
CREATE TABLE UserName
(
UserNameID int(9) NOT NULL auto_increment,
userName VARCHAR(40) NOT NULL,
pass VARCHAR(40) NOT NULL,
PRIMARY KEY(UserNameID)
);
here is my two php scripts
connectivity.php (for login page)
<?php
define('DB_HOST', 'localhost');
define('DB_NAME', 'hhh');
define('DB_USER','root');
define('DB_PASSWORD','');
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error());
/*
$ID = $_POST['user'];
$Password = $_POST['pass'];
*/
function SignIn()
{
session_start(); //starting the session for user profile page
if(!empty($_POST['user'])) //checking the 'user' name which is from Sign-In.html, is it empty or have some text
{
$query = mysql_query("SELECT * FROM UserName where userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());
$row = mysql_fetch_array($query) or die(mysql_error());
if(!empty($row['userName']) AND !empty($row['pass']))
{
$_SESSION['userName'] = $row['pass'];
echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";
}
else
{
echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
}
}
}
if(isset($_POST['submit']))
{
SignIn();
}
?>
and connectivity-sign-up.php (for sign-up page)
<?php
define('DB_HOST', 'localhost');
define('DB_NAME', 'hhh');
define('DB_USER','root');
define('DB_PASSWORD','');
$con=mysql_connect(DB_HOST,DB_USER,DB_PASSWORD) or die("Failed to connect to MySQL: " . mysql_error());
$db=mysql_select_db(DB_NAME,$con) or die("Failed to connect to MySQL: " . mysql_error());
function NewUser()
{
$fullname = $_POST['name'];
$userName = $_POST['user'];
$email = $_POST['email'];
$password = $_POST['pass'];
$query = "INSERT INTO websiteusers (fullname,userName,email,pass) VALUES ('$fullname','$userName','$email','$password')";
$data = mysql_query ($query)or die(mysql_error());
if($data)
{
echo "YOUR REGISTRATION IS COMPLETED...";
}
}
function SignUp()
{
if(!empty($_POST['user'])) //checking the 'user' name which is from Sign-Up.html, is it empty or have some text
{
$query = mysql_query("SELECT * FROM websiteusers WHERE userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysql_error());
if(!$row = mysql_fetch_array($query) or die(mysql_error()))
{
newuser();
}
else
{
echo "SORRY...YOU ARE ALREADY REGISTERED USER...";
}
}
}
if(isset($_POST['submit']))
{
SignUp();
}
?>
So my question is is how could I make it so when a user signs-up, he/she is automatically inserted into my username database?
EDIT
no I have it connected to one table, and have changed it to mysqli but keep getting this error..
Notice: Undefined variable: con in C:\xampp\htdocs\test2\Sign-in\connectivity.php on line 12
Warning: mysqli_query() expects parameter 1 to be mysqli, null given in C:\xampp\htdocs\test2\Sign-in\connectivity.php on line 12
Notice: Undefined variable: con in C:\xampp\htdocs\test2\Sign-in\connectivity.php on line 12
Warning: mysqli_error() expects parameter 1 to be mysqli, null given in C:\xampp\htdocs\test2\Sign-in\connectivity.php on line 12
EDITED SO THAT IT USES mysqli_:
<?php
$DB_HOST= "localhost";
$DB_NAME = "hhh";
$DB_USER = "root";
$DB_PASSWORD= "";
$con= mysqli_connect($DB_HOST,$DB_USER,$DB_PASSWORD,$DB_NAME) or die("Failed to connect to MySQL");
function SignIn($con)
{
session_start();
if(!empty($_POST['user'])){
$query = mysqli_query($con,"SELECT * FROM websiteusers WHERE userName = '$_POST[user]' AND pass = '$_POST[pass]'") or die(mysqli_error($con)); //changed
$row = mysqli_fetch_array($query) or die(mysqli_error($con));
if(!empty($row['userName']) && !empty($row['pass'])) //changed to a more modern operator
{
$_SESSION['userName'] = $row['pass'];
echo "SUCCESSFULLY LOGIN TO USER PROFILE PAGE...";
}
else
{
echo "SORRY... YOU ENTERD WRONG ID AND PASSWORD... PLEASE RETRY...";
}
}
}
if(isset($_POST['submit']))
{
SignIn($con);
}
?>
You just need 1 table. When they sign up insert them into the database and then call the log in function and in the log in process use $_SESSION cookie to mark them as logged in. Also for the love of god you a begging for an injection attack. mysql_query is deprecated use PDO or MySQLi and use parameters.

Categories